OSPF ABR Type 3 LSA Filtering on Cisco IOS

OSPF uses LSA type 3 for inter-area prefixes and if you want, you can filter these between OSPF areas. Since you can only filter between areas you’ll have to configure this on the ABR. Filtering is possible inbound or outbound an area by using the area filter-list command.

In this tutorial I will demonstrate how you can use this command to filter LSA type 3 between different areas. This is the topology that I will be using:

R1,R2 and R3 are located in their corresponding area number and have a loopback 0 interface each. The prefix on this loopback will be advertised in OSPF. In the middle you can see which is the ABR for area 1,2 and 3. We’ll create some filter on R4 to demonstrate the area filter-list command. Let me show you the OSPF configuration first:

OSPF Area Configuration

I will show you all the network commands that I used so you can replicate this if you want. R1,R2 and R3 will be in their own area and R4 is the ABR:

The ABR has 3 working OSPF neighbor adjacencies. Now it’s time to create some filters. We’ll start with inbound filtering.

Inbound Area LSA Type 3 filtering

I will start by filtering some prefixes that are headed towards area 3. The inbound filter will filter prefixes from all areas that are sent to 1 area. First we’ll take a look at the routing table of R3 in area 3:

If you want you can verify that the area filter is active with the show ip ospf command:

R4#show ip ospf 1 | begin Area 3
Area 3
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:01:50.060 ago
SPF algorithm executed 3 times
Area ranges are
Area-filter INTO-AREA3 in
Number of LSA 5. Checksum Sum 0x03C737
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0

Prefix 2.2.2.2 /32 is gone from the routing table as it has been filtered by the ABR (R4). The nice thing about inbound filtering is that it doesn’t matter from which area the prefix came, everything that goes into area 3 will hit the prefix-list and will be filtered. I can demonstrate this to you by filtering something else, for example the two prefixes 192.168.14.0 /24 (area 1) and 192.168.24.0 /24 (area 2). Let’s change our prefix-list:

Now you know how inbound filtering works, let’s take a look at outbound filtering.

Outbound Area LSA Type 3 filtering

The outbound filter lets us filter a prefix from 1 area to all other areas. Let’s see if we can filter 3.3.3.3 /32 so that R1 and R2 won’t have it in their routing table anymore. First we’ll verify if they have learned about this prefix:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.

Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!

Forum Replies

Rajendra,
This has to do with how link state protocols work. In order for a link protocol to be able to run the Dijkstra algorithm, they must all have identical databases to run the algorithm against. If filtering were allowed within an area, then by definition, some routers would have a different database than others, and when those routers ran the shortest path tree calculations, they would arrive at different results.

Notice that both the ASBR and ABR, by definition, are at the area boundary. They are allowed to do filtering or summarization only on route

I am assuming that you and the ISP are operating completely separate OSPF domains. That is, their OSPF routing is completely autonomous from yours. This means that your area 0 has nothing to do with their area 0. They are two completely separate systems.

If this is the case, then the way one OSPF domain communicates with another OSPF domain is via a router that has two separate OSPF processes running. One interface is using process number 1 for example, this may be your internal OSPF domain, and the outside interface is using process 2, which i

New Lessons

Testimonials

Fast & Complete!

Excellent for fast, complete and precise reviews. Suggested!

Fabrizio FrancioneSystem EngineerFebruary 15, 2016

Genuine Videos

I have had the pleasure of being in Rene classroom presentations a few years ago. It looks like his videos on NetworkLessons.com are actually taped in a real live class. He is just that kind of guy (the greatest). Thanks!

Francois van AbkoudeNetwork TrainerJune 6, 2018

Clear Explanation

Networklessions.com is a good learning platform where various topics are explained very well. All the topics are explained with various configuration examples, which is very useful to understand the technologie. I've used Networklessions.com many times during my CCNP study. I recommend it to everyone!

Herman JansonNetwork EngineerOctober 14, 2015

Excellent God Send

I love the way Rene breaks down a technology by showing the lab with the commands also going deep on various topics.

Charles JohnsonNetwork EngineerSeptember 10, 2015

A Godsend!

NetworkLessons.com explains everything in such an understandable way. For years I've been reading Cisco Press books and websites over and over to grasp concepts, but on Networklessons.com, I grasp concepts immediately and retain them better. Thank you!

Jeremi RichardsonNetwork EngineerJune 7, 2017

Learning In Plain English

I will personally recommend NetworkLessons.com to anyone wanting to seek more knowledge in networking. It's because their course SCHEDULES are very well defined, LABS are perfectly outlined and all network CONCEPTS are excellently presented in plain and understandable English.

John YuoganNetwork SpecialistSeptember 12, 2016

Very Good

NetworkLessons.com has an amazing way simplifying complex materials without oversimplifying things. Nice drawings of the scenarios. I used their materials (and some other) to achieve CCNP level (RS) and am now using it to complement my CCIE studies. Their courses are ordered in a way that you can find answers to questions you got fast. I really recommend their materials!

Martijn RotteveelTeacher ITDecember 15, 2016

Well Worth It

Rene is quite simply great at what he does. My process for learning Cisco (and networking in general) is to get an introduction to concepts or processes first, and then once I have a general idea of what's what, then to go to NetworkLessons.com to actually understand the hands-on configuration and mechanics involved. So far it's a system that just can't be beaten and I would recommend it to anyone seeking to broaden their networking knowledge and skills. Thank you!

Rey GaljourIT Systems ManagerNovember 20, 2018

Amazing!

NetworkLessons.com has become an invaluable resource for me. Of course, the official Cisco press books are just fine and cover all the material in thorough detail. The difference though is that Rene emphasizes the important topics that you really need to know in a real production environment. He gives you the meat and potatoes and does so in a way that's very easy to understand. My favorite thing about NetworkLessons.com is that I can use it as a quick reference when I am troubleshooting on the job. This is much better than lugging around official Cisco press books and sifting through pages and pages to find something specific I'm looking for.

Leroy MerinoNetwork EngineerJune 26, 2017

Well Explained

When I decided to make a career change two years ago I enrolled in school and didn’t even know how to send an e-mail. After searching for any help I could get I came across a website which I am on every single day as my “go-to” site, networklessons.com. I recently passed my CCNA R&S exams and it was only possible because of how well networklessons.com explained every topic. I look forward to using this site for many future certifications.

Tom KraenbringNOC TechnicianMay 17, 2015

Very Good to Get Pratical

NetworkLessons.com is a very good resource to get practical. They offer good information for the certifications and detailed lessons which are efficiently explained. I started to avoid extensiveness in studying for re-certification and prefer their much more compacter study materials. They offer very helpful information to make me accomplish not only professional networking tasks but also refresh my knowledge all the time and be up to date in my expertise.

Luis Felipe Vargas CarranzaNetwork & Firewall Engineer May 24, 2018

Can’t Miss for a Day

NetworkLessons.com makes labs look easy and understandable. I seriously can't miss a single day without being a member of their website. NetworkLessons.com is a fantastic and very helpful e-learning site. They provide you the best and the most important knowledge that you need to get any networking job done. Thank you!